The White House has ordered federal agencies to get their cybersecurity safeguards up to date as they lag in their ability to implement President Biden's executive order, issued in 2021.
In a memo first obtained by CNN, multiple federal agencies and departments have "failed to fully comply" with the critical security practices that were detailed in the executive order. In a memo to cabinet secretaries, Jake Sullivan, national security adviser, stated that due to this lag in essential cybersecurity implementations, the US government has been "exposed to malicious cyber intrusions," and these agencies are failing to set an example for other organizations.
Senior officials have ensured the national security adviser that they will achieve full compliance of the security requirements included in the executive order by the end of this year.
"The Biden-Harris Administration has had a relentless focus on strengthening the cybersecurity of nation's most critical sectors since day one and will continue to work to secure our cyber defenses," a National Security Council spokesperson stated. The 2021 executive order requires federal agencies to implement adequate security practices and requires contractors to update their cyber defenses should they continue working with the US government.
"Until now, the US government has viewed cybersecurity as voluntary. This news demonstrates that it has shifted to viewing these cybersecurity policies as mandatory because attackers continue to have the upper hand when it comes to cybercrime and fraud," Fran Rosch, CEO of ForgeRock, wrote in an emailed statement. "The entire world has become even more digital — including our critical infrastructure. Our nation's most relied upon resources are all connected and, if hacked, the consequences are catastrophic to our economy and way of life."